<?php
/**
 * lemocms
 * ============================================================================
 * 版权所有 2018-2027 lemocms，并保留所有权利。
 * 网站地址: https://www.lemocms.com
 * ----------------------------------------------------------------------------
 * 采用最新Thinkphp6实现
 * ============================================================================
 * Author: yuege
 * Date: 2019/8/2
 */
namespace app\admin\controller;
use app\admin\model\Admin;
use app\admin\model\AuthRule;
use app\BaseController;
use think\facade\Db;
use think\facade\Request;
use think\facade\Session;
use think\facade\View;
class Base extends BaseController{
    public $pageSize=15;
    public $menu = '';
    public $adminRules='';
    public $hrefId='';
    function initialize()
    {
        parent::initialize(); // TODO: Change the autogenerated stub
        //判断管理员是否登录
        if (!session('admin.id') && !session('admin')) {
          $this->redirect('login/index');
        }
        $this->authCheck();
    }

    /**
     * 验证权限
     */
    public function authCheck(){

        $allow = [
            'index/index',
            'index/main',
            'index/cleardata',
            'index/logout',
            'login/password',
            ];
        $route = strtolower(Request::controller()).'/'.strtolower(Request::action());
        if(session('admin.id')!==1){
            $this->hrefId = Db::name('auth_rule')->where('href',$route)->value('id');
            //当前管理员权限
            $map['a.id'] = session('admin.id');

            $rules=Db::name('admin')->alias('a')
                ->join('auth_group ag','a.group_id = ag.id','left')
                ->where($map)
                ->value('ag.rules');
            //用户权限规则id
            $adminRules = explode(',',$rules);
            // 不需要权限的规则id;
            $noruls = AuthRule::where('auth_open',1)->column('id');
            $this->adminRules = array_merge($adminRules,$noruls);
            if($this->hrefId){
                if(!in_array($this->hrefId,$this->adminRules)){
                    $this->error('您无此操作权限');exit();
                }
            }else{
                if(!in_array($route,$allow)) {
                    $this->error('没有权限');
                    exit();
                }

            }
        }
        return $this->adminRules;

    }
    /**
     * 退出登录
     */
    public function logout()
    {
        Session::clear();
        $this->success('退出登录成功！', '@admin/login');
    }

    /*
     * 修改密码
     */
    public function password(){
        if (!Request::isPost()){
            return View::fetch('login/password');
        }else{
            $data =  Request::post();
            $oldpassword = Request::post('oldpassword',  'strval');
            $admin = Admin::find($data['id']);
            if($admin['password']!=md5(trim($oldpassword))) {
                $this->error('原密码错误');
            }
            $password = Request::post('password', '123456', 'strval');
            try {
                $password = trim($password);
                $data['password'] = md5($password);

                if(Session::get('admin.id')==1){
                    Admin::update($data);
                }elseif(Session::get('admin.id')==$data['id']){
                    Admin::update($data);
                }else{
                    $this->error('没有权限');
                }

            } catch (\Exception $e) {
                $this->error($e->getMessage());
            }
            $this->success('修改成功');

        }
    }
    public function base(){
        if (!Request::isPost()){
            return View::fetch('admin/password');
        }else{
            $data =  Request::post();
            $oldpassword = Request::post('oldpassword',  'strval');
            $admin = Admin::find($data['id']);
            if($admin['password']!=md5(trim($oldpassword))) {
                $this->error('原密码错误');
            }
            $password = Request::post('password', '123456', 'strval');
            try {
                $password = trim($password);
                $data['password'] = md5($password);

                if(Session::get('admin.id')==1){
                    Admin::update($data);
                }elseif(Session::get('admin.id')==$data['id']){
                    Admin::update($data);
                }else{
                    $this->error('没有权限');
                }

            } catch (\Exception $e) {
                $this->error($e->getMessage());
            }
            $this->success('修改成功');

        }
    }

    /*
     * 清除缓存 出去session缓存
     */
    public function clearData(){
        $dir = config('admin.clear_cache_dir') ? '../runtime/admin' : '../runtime';
        if(deldir($dir)){
            $this->success('清除成功');
        }
    }

    public function _empty()
    {
        $this->error('页面不存在');
    }
}
